Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-1536-1 libxine -- several vulnerabilities

Related Vulnerabilities: CVE-2007-1246   CVE-2007-1387   CVE-2008-0073   CVE-2008-0486   CVE-2008-1161  

Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1246 / CVE-2007-1387 The DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only). CVE-2008-0073 Array index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. CVE-2008-0486 Array index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only). CVE-2008-1161 Buffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes. For the old stable distribution (sarge), these problems have been fixed in version 1.0.1-1sarge7. For the stable distribution (etch), these problems have been fixed in version 1.1.2+dfsg-6. For the unstable distribution (sid), these problems have been fixed in version 1.1.11-1. We recommend that you upgrade your xine-lib package.

Source

Debian Security Advisory

DSA-1536-1 libxine -- several vulnerabilities

Date Reported:
31 Mar 2008
Affected Packages:
xine-lib
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 464696.
In Mitre's CVE dictionary: CVE-2007-1246, CVE-2007-1387, CVE-2008-0073, CVE-2008-0486, CVE-2008-1161.
More information:

Several local vulnerabilities have been discovered in Xine, a media player library, allowed for a denial of service or arbitrary code execution, which could be exploited through viewing malicious content. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2007-1246 / CVE-2007-1387

    The DMO_VideoDecoder_Open function does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code (applies to sarge only).

  • CVE-2008-0073

    Array index error in the sdpplin_parse function allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.

  • CVE-2008-0486

    Array index vulnerability in libmpdemux/demux_audio.c might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow (applies to etch only).

  • CVE-2008-1161

    Buffer overflow in the Matroska demuxer allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.

For the old stable distribution (sarge), these problems have been fixed in version 1.0.1-1sarge7.

For the stable distribution (etch), these problems have been fixed in version 1.1.2+dfsg-6.

For the unstable distribution (sid), these problems have been fixed in version 1.1.11-1.

We recommend that you upgrade your xine-lib package.

Fixed in:

Debian GNU/Linux 3.1 (sarge)

Source:
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge7.diff.gz
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1.orig.tar.gz
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge7.dsc
Alpha:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_alpha.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_amd64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_amd64.deb
ARM:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_arm.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_arm.deb
HP Precision:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_hppa.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_i386.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_ia64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_ia64.deb
Motorola 680x0:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_m68k.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_m68k.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_mips.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_mipsel.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_powerpc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_s390.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge7_sparc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge7_sparc.deb

Debian GNU/Linux 4.0 (etch)

Source:
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.1.2+dfsg-6.dsc
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.1.2+dfsg.orig.tar.gz
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.1.2+dfsg-6.diff.gz
Alpha:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_alpha.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_alpha.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_amd64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_amd64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_amd64.deb
ARM:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_arm.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_arm.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_arm.deb
HP Precision:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_hppa.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_hppa.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_i386.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_i386.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_ia64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_ia64.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_ia64.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_mips.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_mips.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_mipsel.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_mipsel.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_powerpc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_powerpc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_s390.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_s390.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1-dbg_1.1.2+dfsg-6_sparc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.1.2+dfsg-6_sparc.deb
http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.1.2+dfsg-6_sparc.deb

MD5 checksums of the listed files are available in the original advisory.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started